It is the Masonic Villages of the Grand Lodge of Pennsylvania’s (hereafter referred to as “Masonic Villages”) policy to respect your privacy regarding any information we may collect while operating our websites.
Like most website operators, Masonic Villages collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. Masonic Villages’ purpose in collecting non-personally identifying information is to better understand how Masonic Villages’ visitors use its website. From time to time, Masonic Villages may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.
Masonic Villages also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged in users and for users leaving comments on Masonic Villages’ member sites. Masonic Villages only discloses logged in user and commenter IP addresses under the same circumstances that it uses and discloses personally-identifying information as described below, except that site commenter IP addresses are visible and disclosed to the administrators of the site where the comment was left.
Gathering of Personally-Identifying Information
Certain visitors to Masonic Villages’ websites choose to interact with Masonic Villages in ways that require Masonic Villages to gather personally-identifying information. The amount and type of information that Masonic Villages gathers depends on the nature of the interaction. Those who engage in transactions with Masonic Villages are asked to provide additional information, including as necessary the personal and financial information required to process those transactions. In each case, Masonic Villages collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor’s interaction with Masonic Villages. Masonic Villages does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.
Masonic Villages may collect statistics about the behavior of visitors to its websites. For instance, Masonic Villages may monitor the most popular member sites on the Masonic Villages site. Masonic Villages may display this information publicly or provide it to others. However, Masonic Villages does not disclose personally-identifying information other than as described below.
Protection of Certain Personally-Identifying Information
Masonic Villages discloses potentially personally-identifying and personally-identifying information only to those of its employees, contractors and affiliated organizations that (i) need to know that information in order to process it on Masonic Villages’ behalf or to provide services available at Masonic Villages’ websites, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using Masonic Villages’ websites, you consent to the transfer of such information to them. Masonic Villages will not rent or sell potentially personally-identifying and personally-identifying information to anyone. Other than to its employees, contractors and affiliated organizations, as described above, Masonic Villages discloses potentially personally-identifying and personally-identifying information only in response to a subpoena, court order or other governmental request, or when Masonic Villages believes in good faith that disclosure is reasonably necessary to protect the property or rights of Masonic, third parties or the public at large. If you are a registered user of a Masonic Villages website and have supplied your email address, Masonic Villages may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with Masonic Villages and our products. We expect to keep this type of email to a minimum. If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. Masonic Villages takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.
Masonic Villages maintains a list of email addresses of users who have specifically opted to receive mailings and newsletters from us relating to the Masonic Villages retirement living communities, services and events. Participation in this mailing list is strictly voluntary, and any user may opt out at any point by emailing firstname.lastname@example.org a message with a subject of “unsubscribe” from the email address they wish removed from the list. Email addresses from this mailing list are only used for these notifications, and will not be distributed to any third party.
If Masonic Villages, or substantially all of its assets were acquired, or in the unlikely event that Masonic Villages goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Masonic Villages may continue to use your personal information as set forth in this policy.
HIPAA– Health Insurance Portability and Accountability Act: Privacy Notice
MASONIC VILLAGES—NOTICE OF PRIVACY PRACTICES
Revised Date: January, 2017
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
We are required by law to maintain the privacy and security of your health information, referred to as Protected Health Information (PHI), and to provide you with notice of our legal duties and privacy practices with respect to PHI. PHI is information that can identify you as an individual including physical health, mental health and related health care services.
This Notice of Privacy Practices describes how we may use and disclose your PHI in accordance with applicable law, including the Health Insurance Portability and Accountability Act (HIPAA), regarding HIPAA Privacy and Security Rules.
HOW WE MAY USE AND DISCLOSE YOUR HEALTH INFORMATION
The following describes ways we may use and disclose PHI about you, for the following purposes:
Treatment. We may disclose your PHI to physicians, nurses, medical students, therapists, hospitals, and other personnel who provide health care services or are involved in your care. For example, if you are being treated for a knee injury, we may disclose your PHI to the rehabilitation department in order to coordinate your care.
Payment. We may use and disclose your PHI in order to bill and collect payment for treatment and services provided to you. For example, we may provide portions of your PHI to our billing department and your health plan to receive payment for the health care services provided to you. We may provide your PHI to our business associates, such as billing companies, claims processing companies, and others that process our health care claims. Masonic Villages requires any contractor or company receiving PHI, to safeguard, protect and follow the same guidelines regulated by ‘HIPAA’ and as stated in the ‘Business Associate Agreement’.
Health Care Operations. We may use or disclose your PHI in order to conduct our healthcare business and to perform functions associated with our business activities. For example, we may use your PHI in order to evaluate the quality of health care services that you received or to evaluate the performance of the health care professionals who provided health care services to you. We may also provide your PHI to our accountants, attorneys, consultants and others in order to make sure we are compliant with the laws that affect us.
OTHER USES AND DISCLOSURES PERMITTED WITHOUT YOUR AUTHORIZATION
The following are types of uses and disclosures permitted by HIP AA without your authorization, in a limited number of situations.
Abuse, Neglect, Domestic Violence or Exploitation. We must disclose PHI to notify a protective service agency, government authority, or law enforcement authority as required by law, if we reasonably believe that you have been a victim of abuse, neglect, domestic violence or exploitation.
Coroners, Medical Examiners, Funeral Directors and Organ Donation. We may disclose your PHI to coroners, medical examiners or funeral directors as necessary for them to carry out their duties authorized by law. We may release PHI to organ procurement organizations, to assist them in organ, eye, or tissue donations and transplants.
Data Breach Notification Purposes. We may use or disclose your PHI to provide legally required notices of unauthorized access to or disclosure of your PHI.
Deceased Individual. We may disclose PHI regarding deceased patients as mandated by state law, or to a family member or friend that was involved in your care or payment for care prior to death, based on your prior consent. A release of information regarding the deceased individual may be limited to an executor or administrator of a deceased person’s estate or the person identified as next-of-kin. PHI of persons that have been deceased for more than fifty (50) years is not protected under HIPAA.
Emergencies. We may disclose your PHI in an emergency situation. In the event of a fire or another emergency that results in a transfer to another facility, we would provide emergency personnel with information to secure your safety.
Fundraising activities. We may use or disclose PHI to raise funds for our organization. The money raised through these activities is used to expand and support the health care services and educational programs we provide to the community.
Health Oversight Activities. We may use or disclose PHI to health oversight agency for audits, investigations, inspections, or licensing purposes. These disclosures may be necessary for certain state and federal agencies to monitor health care systems, government programs, and compliance with civil right laws.
Law Enforcement. We may disclose PHI, so long as applicable legal requirements are met, for law enforcement purposes. These law enforcement purposes include (1) legal processes, (2) limited information requests for identification and location purposes, (3) information pertaining to victims of a crime, ( 4) suspicion that death has occurred as a result of criminal conduct, (5) in the event that a crime occurs on the premises of the facility, (6) in an emergency to report a crime, the location of the crime or victims, or the identity, description or location of the person who committed the crime.
Legal Proceedings. We may disclose PHI in the course of any judicial or administrative proceeding, in response to an order of a court, warrant, or administrative tribunal, in certain conditions in response to a subpoena, discovery request or other lawful purpose.
Military, Veterans, National Security and Intelligence. If you are or were a member of the armed forces, or part of the national security or intelligence communities, we may be required by military personnel or other government authorities to release your PHI. We may also release information about foreign military personnel to the appropriate foreign military authority.
Public Health. We may disclose PHI about you for public health reasons in order to prevent or control disease, injury or disability, and to report problems with medications or products.
Public Safety. We may use and disclose PHI to law enforcement personnel or other persons able to prevent or lessen such harm. We may use and disclose PHI to prevent a serious threat to your health or safety, or the health and safety of the public or another person.
Required by Law. We may use or disclose PHI about you when required to do so be federal, state or local law.
Research. In certain circumstances, we may provide PHI in order to conduct medical research.
Workers’ Compensation. We may provide PHI in order to comply with workers’ compensation laws.
OTHER USES AND DISCLOSURES PERMITTED WITH YOUR AUTHORIZATION
The following are types of uses and disclosures of your PHI, which Masonic Village is permitted to make with your authorization.
Appointments. We may use or disclose PHI to confirm an appointment for medical care or services.
Facility Directories. We may use and disclose your name, location in the facility, and room number in the facility directory. The facility directory will be used to assist staff members, family members, visitors, and delivery companies to locate your residence at the facility, for those who ask for you by name. We may reveal your religious affiliation to clergy. Our staff members may confirm that you are a resident of Masonic Villages.
Facility Notifications. We may make announcements over the intercom system, post on facility bulletin boards, and/or facility calendars; your birthday and other special events, which could be heard or visible by the public.
Photo and/or Name Plate. We may display your photo and/or nameplate near the door of your room. We may display your photo on bulletin boards within the facility. We will not give photographs of you for publication to anyone outside of the facility, unless we have your permission. We have instructed staff that Masonic Village policy does not allow pictures to be taken of our residents without his/her consent.
Persons Involved in Your Care or Payment for Your Care. We may disclose PHI about you to a legally appointed representative, which could be a family member, friend, or other persons that you approved to be directly involved with your care or payment of your health care.
OTHER USES AND DISCLOSURES REQUIRE YOUR PRIOR WRITTEN AUTHORIZATION
We will not use or disclose your health information for any purpose other than those identified in the previous sections, without your written authorization. If you choose to sign an authorization to disclose your PHI, you can later revoke the authorization in writing to stop any future uses and disclosures, but we cannot take back any uses or disclosures already made with your permission.
Marketing. We must obtain your authorization prior to using or disclosing your PHI for marketing purposes in most situations. If we will obtain financial remuneration for such marketing, we must disclose that to you in the authorization.
Sale of PHI. We must obtain your authorization prior to selling your health information. If we will obtain financial remuneration for such a sale, we must disclose that to you in the authorization.
Psychotherapy Notes. Most uses and disclosures of your psychotherapy notes require your prior authorization.
RIGHTS REGARDING YOUR PHI
You have the following rights regarding PHI we maintain about you.
The Right to Accounting of Disclosures. You have the right to request a list of instances in which we have disclosed your PHI. The list will not include the following uses or disclosures (1) treatment, payment, health care operations, (2) instances of prior authorization, (3) national security purposes, (4) to corrections institutions, (5) law enforcement personnel.
The Right to Amend. If you believe the PHI we have about you is incorrect or incomplete, you may ask us to amend the information in writing. You must provide the request and your reason for the request in writing. We may deny your request in writing if the PHI is (1) correct and complete, (2) not created by us, (3) not allowed to be disclosed or (4) not part of our records. Our written denial will state the reasons for the denial and explain your right to file a written statement of disagreement with the denial. You have the right to submit a written statement disagreeing with the denial and that statement will be attached to your medical record. If we approve your request to your health information, the request will be in addition to, not a replacement of, already existing records. We will inform you and others that need to know, of the changes to your medical record.
The Right to Breach Notification. We are required by law to maintain the privacy of your health information. You will receive a written breach notice if your health information was compromised.
The Right to Choose How you Receive PHI. You have the right to ask that we send the information to another address. You have the right to ask how you would like to receive the information, by mail, email, etc. We must agree to your request so long as we can easily provide the information in the format requested.
The Right to Inspect and Copy. You have the right to inspect and copy your health information that we maintain. You must submit the request in writing. We may deny your request to inspect and copy in limited circumstances. If you are denied access to your information, you may request the denial be reviewed. There may be a fees associated with copying and other associated costs, that you will need to approve or deny before we will continue.
The Right to Opt-Out of Receiving Future Fund raising Notices. You have the right to request we no longer contact you with future fundraising notices. If you would like to start receiving fundraising notices, after you have opted-out, you will need to contact us to add your name back on the fundraising notice list. You would contact the Gift Planning Office at 1-800-599-6454, to request changes to fundraising notices.
The Right to Restrict Disclosure of PHI for Out of Pocket. You have the right to request we do not disclose PHI to a health plan for payment, or health care operations, where service is paid out-of-pocket in full by you, someone on your behalf, or another health plan, unless required by law.
The Right to Request Restrictions. You have the right to request a restriction or limitation of how we use and disclose your PHI. We will consider your request, but we are not legally required to agree to your request, unless your request is to restrict disclosure to a health plan for purposes of payment or health care operations when you or someone on your behalf has already made full payment. If we accept your request, we will put any limits in writing and abide by them except in emergency situations.
RIGHTS AND CHANGES TO THIS NOTICE
We are required to provide you with a copy of the Notice of Privacy Practices at admissions. You can also request a copy of the Notice of Privacy Practices, by contacting the Admissions Office or Marketing Office at any time. You have the right to request a paper copy of the Notice of Privacy Practices, if you have previously agreed to receive the Notice of Privacy Practices electronically.
We reserve the right to change or revise the terms of the Notice of Privacy Practices at any time. We will post the most recent copy of the Notice of Privacy Practices on pertinent bulletin boards and our website https://masonicvillages.org/.
QUESTIONS and COMPLAINTS
If you believe your privacy rights have been violated, disagree with a decision we made regarding access to your PHI, you may file a complaint with our Chief Compliance Officer at 717-367-1121 ext. 33223. You may also send a written complaint to the Secretary of the Department of Health and Human Services. We will take no retaliatory action against you if you file a complaint about our privacy practices.
If you have questions concerning this notice, or would like to know how to file a complaint with the Secretary of the Department of Health and Human Services, please contact our Chief Compliance Officer at 717-367-1121 ext. 33223.